Strong and stable: The iOS security guide

Credit to Author: Jonny Evans | Date: Fri, 17 Nov 2017 08:36:00 -0800

Apple’s smartphones are highly secure, but if your private or enterprise data matters to you, it’s essential to ensure your iPhone (or iPad) is as secure as possible.

Just because almost all mobile malware targets Android doesn’t mean iPhone users can be complacent.

Quite the reverse: We need to be even more alert in case attackers use complacency against us. What follows are a few simple tips to help you secure your iPhone (and iPad).

There’s no way to deny that iPhones are in the ascendant, particularly in enterprise IT. Beyond business, you’ll see them used by educators, doctors, police and politicians, and in each one of those cases the information on those smartphones is confidential and must not be abused.

Security is mandatory. Fortunately, Apple works really hard to balance security with usability.

So, what’s the weakest point in mobile device security? Sadly, it’s you. From tapping links in phony emails to accessing confidential password-protected information using open public Wi-Fi hotspots to simply using the same password everywhere: All these common flaws contribute to your security weakness. If you want to secure your mobile devices, then you should start with good security habits:

Now let’s take a closer look at some of the many other ways you can secure your iPhone/iPad life.


Apple watches security on its devices closely. For example, when the first zero-day exploit aimed at iOS was identified in 2016, Apple issued a security update to patch the problem within a few days. If you care about your device security you must absolutely ensure you install all the latest iOS upgrades. (Android users may want to look away at this point, as they have nothing like as much protection).

The passcode is the single most important security protection you have on your device. If you want to be secure you absolutely must use a passcode.

Do you use any of these as your passcode?

These were the three most commonly used passwords in 2015. That’s why they are among the first passcodes people use if they want to unlock your device without your permission.

A report claims it would take a computer an estimated 72 years to hack into a 6-digit alphanumeric passcode, or an estimated 7 minutes to get through a 4-digit numeric code. It would take a human 2,700 years to get through a 6-digit alphanumeric passcode.

You must use a stronger passcode.

What you have to understand is that at Apple, the passcode is still the most important part of your iOS security set-up.

Face ID and Touch ID are good, but they exist for your convenience more than anything else. Both biometric authorization methods depend on you using a unique and hard-to-break passcode. That’s why you are asked for your passcode when you restart your device, when an Apple Pay transaction fails to recognize your fingerprint, or when the device is left unused for a day or two.

One good way to create a tough password is to make a memorable sentence, such as “Give That Talented Jonny Evans All My 42 Bitcoins, Immediately” and then use the second letter from each word (with punctuation) as your code: ihaovly2i,m.

The best way to protect your device is to use an alphanumeric code. To create one you must open Settings>Touch ID & Passcode, and select Change Passcode.

You’ll be asked to enter your existing passcode and then asked to enter a new one. Don’t enter a new one. Instead, tap the words Passcode Options at the bottom of the screen. Now you can create a rock-solid alphanumeric code.

Apple claims that Face ID is more secure than the fingerprint-based Touch ID. It says there is only a one in a million chance a random person could unlock your iPhone by looking at it using Face ID, compared with a one in 50,000 probability when using Touch ID.

“FaceID makes using a longer, more complex passcode far more practical because you don’t need to enter it as frequently,” Apple said in a security white paper.

What we’re saying is that while you can use these as a convenience, you should always ensure your passcode remains your primary security protection.

Open Password & Security in Settings and turn on 2-factor authentication. Once it is enabled you’ll need to provide two pieces of information (your password and the six-digit verification code) when attempting to sign in to your Apple ID on a new device.

You must also set a Trusted Phone Number here. This is a number that can be used to receive verification codes by text message or automated phone call.

It’s good practice to verify a few numbers here, your home number and that of a trusted third party, for example. You can then use those numbers to get the code to enter your own device if you need to do so.

You can disable Face ID and/or Touch ID very quickly on iOS 11. This is something you might want to do if you think you’re about to be robbed, or about to have a ‘memorable’ experience with some nosey border guard who wants to look at all your secrets and may force you to unlock your device – they can make you unlock biometrically, but not usually demand the code.

Lower the auto-lock time to 30 seconds in Settings>General>Auto-Lock. It’s a little annoying, but it’s the best approach.

You should also limit the functions you can see on screen when it is locked in Settings>Touch ID & Passcode>Allow Access When Locked. Just switch off the ones you don’t want other people to see, access or use.

One thing you should disable is access to Siri on the lock screen. This prevents people getting details about you by saying “Hey Siri,” and asking “Who does this iPhone belong to?”.

What happens if someone tries to open your iPhone? Unless you set this protection up they will be able to try and keep trying until they break in. The Erase Data feature is available in the Settings>Touch ID & Passcode screen.

Set the Erase Data toggle to green and all the data on your iPhone will be erased after 10 failed passcode attempts. That’s not such great news if you forget your passcode (though you do back up, right?), but fantastic if someone’s trying to break into your phone to pillage the device for everything they can find.
